The ‘dark art’ of malware creation
Computer programming languages are absolutely fundamental, building blocks in the world of technology, whether it’s smartphones, traffic lights or an automated hospital MRI scanner.
They enable the marvel of technology and all the things we can do and the things we take for granted like withdrawing cash from an ATM or accessing the Internet while on the move.
Technically a programming language is a vocabulary and set of grammatical rules for instructing a computer or computing device to perform specific tasks. There are many different languages but each one has a unique set of keywords and a special syntax for organizing program instructions.
According to IEEE Spectrum, a magazine produced by the Institute of Electrical and Electronics Engineers, the top 10 popular programming languages in use last year were in descending order:
That said there are other programming languages too such as BASIC, COBOL, FORTRAN, Ada, and Pascal.
They use different languages to create different types of malware. This malware, or viruses, can be anything from Trojan horses to worms which self-replicate, viruses that infect a computer hard drive and viruses that infect the random access memory and infect each file that is opened.
Sometimes these viruses combine different functions. For instance, WannaCry ransomware which caused such devastation last year featured file encrypting code which locked files and a worm component that allowed it to spread rapidly.
They enable the marvel of technology and all the things we can do and the things we take for granted like withdrawing cash from an ATM or accessing the Internet while on the move.
Technically a programming language is a vocabulary and set of grammatical rules for instructing a computer or computing device to perform specific tasks. There are many different languages but each one has a unique set of keywords and a special syntax for organizing program instructions.
Levels of programming
There are different levels of programming language. To put it simply programming languages are either classified as low-level or high-level.- Low-level languages interact directly with the computer processor or CPU, perform very basic commands, and are generally hard to read. Machine code, one example of a low-level language, uses code that consists of just two numbers — 0 and 1;
- High-level languages use natural language so it is easier for people to read and write. Almost all are written in English. Whether they’re programming in HTML, JavaScript, Python languages, programmers all over the same world use the same English keywords and syntax in their code. When code is written in a high-level language an interpreter or compiler translates this high-level language into low-level code a computer can understand.
According to IEEE Spectrum, a magazine produced by the Institute of Electrical and Electronics Engineers, the top 10 popular programming languages in use last year were in descending order:
- Python
- C
- Java
- C++
- C#
- R
- JavaScript
- Go
- Swift
- Ruby
That said there are other programming languages too such as BASIC, COBOL, FORTRAN, Ada, and Pascal.
Dark art or science?
Computer programming is both science and mathematics and to the uninitiated it can seem like a mysterious dark art. But high level hackers are generally well versed in these languages which is why they are often as successful as they are.They use different languages to create different types of malware. This malware, or viruses, can be anything from Trojan horses to worms which self-replicate, viruses that infect a computer hard drive and viruses that infect the random access memory and infect each file that is opened.
Sometimes these viruses combine different functions. For instance, WannaCry ransomware which caused such devastation last year featured file encrypting code which locked files and a worm component that allowed it to spread rapidly.
BullGuard protects your computer from hackers, spies and malware
TRY NOW FOR FREE - 90 DAYSWhich languages do hackers prefer?
The programming languages that hackers choose will depend on their objectives.
- C is a general-purpose programming language. It can be used to write all sorts of malware for different computing environments such as desktop, server and grid computing.
- JS, Actionscript, VB script and Java are often used for computer exploits. An exploit takes advantage of a weakness in an operating system, application or any other software code, including application plug-ins. These exploits come in all shapes and sizes but some of the most common are SQL injection attacks (code injection technique) and cross-site scripting (malicious scripts injected into trusted web sites).
- For remote attacks on servers the Python language is popular among hackers. It is simpler than the C language and it doesn’t need to be compiled which means translating source code files into other types of code.
- For high-level malware C#, C++ and other high level languages are generally used. This type of malware is more complex than the average virus and can take a significant amount of time to develop. An example is the Point of Sale malware attack on US retailer Target in 2013. An estimated 110 million customers had card account numbers, expiration dates and secret CVV codes stolen.
- Many Android mobile apps are developed using Java language and sometimes with a smattering of C and C++. As a result hackers lean towards Java when they target mobile devices.
For sale on the dark web
Not all hacker are coders. Many simply go onto the dark web and buy malware that has been created by others.
For example, instances of ransomware-as-a-service on the dark web have boomed in the last 18 months.
For example, instances of ransomware-as-a-service on the dark web have boomed in the last 18 months.
- High level hackers use their favoured code to create ransomware and then host it on a portal.
- An ‘affiliate’, that is a low level hacker, signs up to use the ransomware.
- Some of these ransomware code packages are free to deploy with a profit-sharing model. The code author shares in the affiliates earnings.
- When victims pay (via Bitcoin) to unlock their data, payments are often delivered to the author’s account.
- The author then distributes shares to the affiliates. These shares can be as high as 80 percent.
No comments: